Enrichment rules not updating alerts

StephenM
Kilo Guru

I am trying to use the new Alert Automation tools within SOW.  When creating an enrichment rule I am trying to parse out the severity number value from "key": "Sev2"}],

I am using (?:.*)"Sev(\d)"(?:.*) as my regex

In the UI it shows that it's working

 

However, when the events come in, they show they are running the rule but the extracted data isn't appearing in the additional information area.
